lgcosta/paperless-ngx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Just remove auth tokens

Browse Source
This commit is contained in:
shamoon 2024-10-29 08:38:21 -07:00
parent 536f626492
commit 18c41c2373
No known key found for this signature in database
3 changed files with 1 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/documents/management/commands/document_exporter.py
View File

@ -24,7 +24,6 @@ from django.utils import timezone
from filelock import FileLock from filelock import FileLock
from guardian.models import GroupObjectPermission from guardian.models import GroupObjectPermission
from guardian.models import UserObjectPermission from guardian.models import UserObjectPermission
from rest_framework.authtoken.models import Token
if TYPE_CHECKING: if TYPE_CHECKING:
from django.db.models import QuerySet from django.db.models import QuerySet
@ -285,20 +284,6 @@ class Command(CryptMixin, BaseCommand):
serializers.serialize("json", manifest_key_to_object_query[key]), serializers.serialize("json", manifest_key_to_object_query[key]),
) )
# Add the auth tokens to the manifest, serialized manually
manifest_dict["auth_tokens"] = [
{
"model": "authtoken.token",
"pk": t.pk,
"fields": {
"key": t.key,
"user": t.user_id,
"created": t.created.isoformat(),
},
}
for t in Token.objects.all()
]
self.encrypt_secret_fields(manifest_dict) self.encrypt_secret_fields(manifest_dict)
# These are treated specially and included in the per-document manifest # These are treated specially and included in the per-document manifest
@ -583,11 +568,7 @@ class Command(CryptMixin, BaseCommand):
value=manifest_record["fields"][field], value=manifest_record["fields"][field],
) )
elif ( elif MailAccount.objects.count() > 0 or SocialToken.objects.count() > 0:
MailAccount.objects.count() > 0
or SocialToken.objects.count() > 0
or Token.objects.count() > 0
):
self.stdout.write( self.stdout.write(
self.style.NOTICE( self.style.NOTICE(
"No passphrase was given, sensitive fields will be in plaintext", "No passphrase was given, sensitive fields will be in plaintext",

7
src/documents/management/commands/mixins.py
View File

@ -108,13 +108,6 @@ class CryptMixin:
"token_secret", "token_secret",
], ],
}, },
{
"exporter_key": "auth_tokens",
"model_name": "authtoken.token",
"fields": [
"key",
],
},
] ]
def get_crypt_params(self) -> dict[str, dict[str, str | int]]: def get_crypt_params(self) -> dict[str, dict[str, str | int]]:

6
src/documents/tests/test_management_exporter.py
View File

@ -23,7 +23,6 @@ from django.utils import timezone
from guardian.models import GroupObjectPermission from guardian.models import GroupObjectPermission
from guardian.models import UserObjectPermission from guardian.models import UserObjectPermission
from guardian.shortcuts import assign_perm from guardian.shortcuts import assign_perm
from rest_framework.authtoken.models import Token
from documents.management.commands import document_exporter from documents.management.commands import document_exporter
from documents.models import Correspondent from documents.models import Correspondent
@ -878,8 +877,6 @@ class TestCryptExportImport(
password="mypassword", password="mypassword",
) )
Token.objects.create(user=User.objects.first())
app = SocialApp.objects.create( app = SocialApp.objects.create(
provider="test", provider="test",
name="test", name="test",
@ -935,9 +932,6 @@ class TestCryptExportImport(
self.assertIsNotNone(account) self.assertIsNotNone(account)
self.assertEqual(account.password, "mypassword") self.assertEqual(account.password, "mypassword")
token = Token.objects.first()
self.assertIsNotNone(token)
social_token = SocialToken.objects.first() social_token = SocialToken.objects.first()
self.assertIsNotNone(social_token) self.assertIsNotNone(social_token)